← Back to team overview

edubuntu-bugs team mailing list archive

[Bug 885027] Re: SUID Mount Helper has 5 Major Vulnerabilities

 

@Dan: As I suspected, you're in this not to contribute something to the
community, but as a destructive influence. You will not be missed. Try
and remember that I am not attempting to fix calibre-mount-helper for
some sort of personal gain, but simply to allow people using calibre to
have the best possible experience. I readily admit I don't know as much
about secure coding as you do, but hey, at least one of us is trying to
learn something. Look back at the start of this bug report. Every time I
was convinced of the existence of an actual exploit, I have attempted to
fix it. Maybe my fixes were naive, but dont forget that it's a lot
easier to find holes in something, than to build somethig without holes
in the first place.

@Jason: Indeed, I did overlook the second realpath call, now fixed.

-- 
You received this bug notification because you are a member of Edubuntu
Bugsquad, which is subscribed to calibre in Ubuntu.
https://bugs.launchpad.net/bugs/885027

Title:
  SUID Mount Helper has 5 Major Vulnerabilities

To manage notifications about this bug go to:
https://bugs.launchpad.net/calibre/+bug/885027/+subscriptions